Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9eae2235-8723-4a71-a528-d691924c22e1.roa
File: 9eae2235-8723-4a71-a528-d691924c22e1.roa (raw, json)
Hash identifier: IBssIxP/h/gGHmXNi5H9lPGWKEXKpwvGTx2WXkXAyEU=
Subject key identifier: 69:F9:E1:31:77:9B:33:67:3E:54:AA:FC:C9:7A:D1:71:63:3C:CC:4B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 087A65527648070DBA6BA75F3239BA84BF7CFFF7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9eae2235-8723-4a71-a528-d691924c22e1.roa
Signing time: Wed 12 Mar 2025 00:11:12 +0000
ROA not before: Wed 12 Mar 2025 00:11:12 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 162.208.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:7a:65:52:76:48:07:0d:ba:6b:a7:5f:32:39:ba:84:bf:7c:ff:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:11:12 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=1c32ae1b20cc70dc8d9a913ed0402cd2433c8cb7fb7bf6dfb27ebacfa6d0430f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:83:17:ae:f4:3a:93:a9:cb:87:d1:3c:fb:36:
59:7c:72:ea:20:68:2c:26:e1:ad:b7:60:05:20:14:
41:80:81:77:53:5a:0b:f8:82:ad:d7:e2:a2:e6:8f:
66:46:23:70:9e:00:e0:f4:26:40:19:3c:1b:b6:84:
f8:e2:13:33:91:04:79:85:84:cd:4a:ba:51:bb:34:
09:ab:83:92:2f:4f:c8:70:bc:f6:90:0c:72:e6:b2:
ee:5b:24:1c:1d:49:64:f6:84:df:86:24:e0:1d:97:
1f:cc:96:de:8d:b3:75:a2:0e:1b:69:c4:cc:19:3f:
b2:14:86:99:a8:01:1b:0a:fc:65:47:cb:4d:5b:2e:
b0:d4:bd:fe:70:25:a2:92:39:d0:1f:48:3b:c7:ab:
c1:ee:3d:94:60:87:fe:8c:e3:da:a6:82:16:c0:00:
d7:43:c2:b3:23:96:5a:e7:cc:7a:17:9a:8f:a9:b1:
1f:4a:be:19:2e:fe:57:86:cb:58:42:94:2c:92:ae:
61:0a:0b:81:03:14:ae:30:a8:4b:0c:8a:81:b5:48:
db:eb:e8:5b:46:5e:1d:e8:72:d3:2e:eb:3a:f6:31:
dd:8e:b4:17:9b:3f:40:b2:e3:11:c7:61:de:3c:9d:
cd:6b:40:b3:e8:5e:dd:53:76:f3:68:ea:15:5b:3d:
88:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F9:E1:31:77:9B:33:67:3E:54:AA:FC:C9:7A:D1:71:63:3C:CC:4B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9eae2235-8723-4a71-a528-d691924c22e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.208.123.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c2:6e:67:1e:e8:e1:fc:55:a5:cc:79:3f:0b:21:59:e3:da:
50:d7:8e:88:7b:44:d5:76:45:af:17:a5:22:4d:11:8e:b3:9f:
67:a2:e6:cf:0f:51:d2:64:c3:ee:cf:ee:40:0f:c0:7e:4a:20:
25:30:82:67:0b:52:64:33:03:df:21:ce:0c:56:47:99:89:64:
fb:34:41:25:59:1a:66:70:25:e0:0b:54:25:da:d4:21:ee:d7:
2a:8e:b6:dc:04:14:a6:d1:74:5c:97:1f:d9:81:ff:69:7d:8c:
45:fa:7a:92:26:0c:a3:d5:b5:95:77:ce:9a:ad:27:45:c1:e4:
d1:ce:7d:e5:49:d8:8a:4a:ac:f7:4b:c8:ca:49:c3:dc:dc:64:
e7:05:58:3b:f8:c9:2e:6c:3a:48:5c:33:41:8a:86:60:ac:0b:
55:a7:36:3e:95:66:ef:d0:5c:6d:c8:61:2c:d1:a4:a1:2d:92:
20:83:1b:20:8c:50:38:47:91:74:4f:01:cc:55:e7:0e:f8:eb:
96:b1:7b:f0:39:13:e9:03:55:4c:dd:66:77:b9:42:68:22:58:
c0:05:ad:ed:a3:1f:78:b0:9c:86:08:39:9f:16:8c:ff:7c:e3:
86:c6:88:29:66:2a:fb:ed:3d:d5:23:71:42:8f:8d:c2:f8:cd:
85:de:39:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCHplUnZIBw26a6dfMjm6hL98//cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAxMTEyWhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzMyYWUxYjIwY2M3MGRjOGQ5YTkxM2VkMDQwMmNkMjQz
M2M4Y2I3ZmI3YmY2ZGZiMjdlYmFjZmE2ZDA0MzBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXgxeu9DqTqcuH0Tz7Nll8cuogaCwm4a23YAUgFEGAgXdT
Wgv4gq3X4qLmj2ZGI3CeAOD0JkAZPBu2hPjiEzORBHmFhM1KulG7NAmrg5IvT8hw
vPaQDHLmsu5bJBwdSWT2hN+GJOAdlx/Mlt6Ns3WiDhtpxMwZP7IUhpmoARsK/GVH
y01bLrDUvf5wJaKSOdAfSDvHq8HuPZRgh/6M49qmghbAANdDwrMjllrnzHoXmo+p
sR9Kvhku/leGy1hClCySrmEKC4EDFK4wqEsMioG1SNvr6FtGXh3octMu6zr2Md2O
tBebP0Cy4xHHYd48nc1rQLPoXt1TdvNo6hVbPYjzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUafnhMXebM2c+VKr8yXrRcWM8zEswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllYWUyMjM1LTg3MjMtNGE3MS1hNTI4LWQ2OTE5MjRjMjJlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi0HswDQYJKoZIhvcNAQELBQADggEBAELCbmce6OH8VaXMeT8LIVnj2lDX
joh7RNV2Ra8XpSJNEY6zn2ei5s8PUdJkw+7P7kAPwH5KICUwgmcLUmQzA98hzgxW
R5mJZPs0QSVZGmZwJeALVCXa1CHu1yqOttwEFKbRdFyXH9mB/2l9jEX6epImDKPV
tZV3zpqtJ0XB5NHOfeVJ2IpKrPdLyMpJw9zcZOcFWDv4yS5sOkhcM0GKhmCsC1Wn
Nj6VZu/QXG3IYSzRpKEtkiCDGyCMUDhHkXRPAcxV5w7465axe/A5E+kDVUzdZne5
QmgiWMAFre2jH3iwnIYIOZ8WjP9844bGiClmKvvtPdUjcUKPjcL4zYXeOd0=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:11:52 2025 by rpki-client